Pool A

Question 1

Which of the following is an AWS managed Domain Name System (DNS) web service?
A. Amazon Route 53
B. Amazon Neptune
C. Amazon SageMaker
D. Amazon Lightsail

Answer 1

Answer: A

Question 2

A company wants to reduce the physical compute footprint that developers use to run code. Which service
would meet that needby enabling serverless architectures?
A. Amazon Elastic Compute Cloud (Amazon EC2)
B. AWS Lambda
C. Amazon DynamoDB
D. AWS CodeCommit

Answer 2

Answer: B
Explanation:
AWS Lambda is an integral part of coding on AWS. It reduces physical compute footprint by utilizing
awscloud services to run code.

Question 3

Where can AWS compliance and certification reports be downloaded?
A. AWS Artifact
B. AWS Concierge
C. AWS Certificate Manager
D. AWS Trusted Advisor

Answer 3

Answer: A
Explanation:
WS Artifact is yourgo-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’s security and compliance reports and select online agreements. The AWS
SOC 2 report is particularly helpful for completing questionnaires because it provides a comprehensive
description of the implementation and operating effectiveness of AWS security controls. Another useful
document is the Executive Briefing within the AWS FedRAMP Partner Package.

Question 4

Which AWSservice would you use to obtain compliance reports and certificates?
A. AWS Artifact
B. AWS Lambda
C. Amazon Inspector
D. AWS Certificate Manager

Answer 4

Explanation:
AWS Artifact is your go-to, central resource for compliance-related information that matters toyou. It
provides on-demand access to AWS’ security and compliance reports and select online agreements.
Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card
Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance
verticals that validate the implementation and operating effectiveness of AWS security controls.
Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the
NondisclosureAgreement (NDA).

Question 5

A customer would like to design and build a new workload on AWS Cloud but does not have the
AWS-related software technical expertise in-house.
Which of the following AWSprograms can a customer take advantage of to achieve that outcome?
A. AWS Partner Network Technology Partners
B. AWS Marketplace
C. AWS Partner Network Consulting Partners
D. AWS Service Catalog

Answer 5

Answer: C

Question 6

Under the shared responsibility model, which of the following tasks are the responsibility of the AWS
customer? (Select TWO.)
A. Ensuring that application data is encrypted at rest
B. Ensuring that AWS NTP servers areset to the correct time
C. Ensuring that users have received security training in the use of AWS services
D. Ensuring that access to data centers is restricted
E. Ensuring that hardware is disposed of properly

Answer 6

Answer: A C

Question 7

Which AWS services should be used for read/write of constantly changing data? (Select TWO.)
A. Amazon Glacier
B. Amazon RDS
C. AWS Snowball
D. Amazon Redshift
E. Amazon EFS

Answer 7

Answer: B E
Explanation:
https://aws.amazon.com/efs/?nc2=type_a

Question 8

When performing a cost analysis that supports physical isolation of a customer workload, whichcompute
hosting model should be accounted for in the Total Cost of Ownership (TCO)?
A. Dedicated Hosts
B. Reserved Instances
C. On-Demand Instances
D. No Upfront Reserved Instances

Answer 8

Answer: A
Explanation:
Use Dedicated Hosts to launch Amazon EC2 instances on physical servers that are dedicated for your use.
Dedicated Hosts give you additional visibility and control over how instances are placed on a physical
server, and you can reliably use the same physical server over time. As a result, Dedicated Hosts enable
you to use your existing server-bound software licenses like Windows Server and address corporate
compliance and regulatory requirements.

Question 9

Which of the following Identity and Access Management (IAM) entities is associated with an access key ID
and secret access key when using AWS Command Line Interface (AWS CLI)?
A. IAM group
B. IAM user
C. IAM role
D. IAM policy

Answer 9

Answer: B

Question 10

Web servers running on Amazon EC2 access a legacyapplication running in a corporate data center. What
term would describe this model?
A. Cloud-native
B. Partner network
C. Hybrid architecture
D. Infrastructure as a service

Answer 10

Answer: C

Question 11

Which of the following security-related services does AWS offer? (Select TWO.)
A. Multi-factorauthentication physical tokens
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection

Answer 11

Answer: C D

Question 12

Which AWS tools assist with estimating costs? (Select three.)
A. Detailed billing report
B. Cost allocation tags
C. AWS Simple Monthly Calculator
D. AWS Total Cost of Ownership (TCO) Calculator
E. Cost Estimator

Answer 12

Answer: B C D
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/estimating-aws-resource-costs/

Question 13

Which AWS Cost Management tool allows you to view the most granular data about your AWS bill?
A. AWS Cost Explorer
B. AWS Budgets
C. AWS Cost and Usage report
D. AWS Billing dashboard

Answer 13

Answer: C
Explanation:
The AWS Billing Console gives you access to the most comprehensive information about your AWS costs
and usage. To see how your costs are tracking month-to-date, and which AWS services are the main cost
drivers, check out the AWSBilling Dashboard. To access to the most comprehensive information about your
AWS costs and usage, you can download the AWS Cost & Usage Report. To view your bill for any previous
month, you can access the Bills page.https://aws.amazon.com/aws-cost-management/details/

Question 14

Which serviceenables risk auditing by continuously monitoring and logging account activity, including user
actions in the AWS Management Console and AWS SDKs?
A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS Config
D. AWS Health

Answer 14

Answer: B

Question 15

Which task is AWS responsible for in the shared responsibility model for security and compliance?
A. Granting access to individuals and services
B. Encrypting data in transit
C. Updating Amazon EC2 host firmware
D. Updating operating systems

Answer 15

Answer: C

Question 16

Which AWS feature will reduce the customer’s total cost of ownership (TCO)?
A. Shared responsibility security model
B. Single tenancy
C. Elastic computing
D. Encryption

Answer 16

Answer: C
Explanation:
https://aws.amazon.com/compliance/shared-responsibility-model/

Question 17

Which of the following are features of Amazon CloudWatch Logs?(Select TWO.)
A. Summaries by Amazon Simple Notification Service (Amazon SNS)
B. Free Amazon Elasticsearch Service analytics
C. Provided at no charge
D. Real-time monitoring
E. Adjustable retention

Answer 17

Answer: D E
Explanation:
https://aws.amazon.com/cloudwatch/faqs/

Question 18

One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:
A. it allows thebusiness to eliminate IT bills.
B. it allows the business to put a server in each customer’s data center.
C. it allows the business to focus on business activities.
D. it allows the business to leave servers unpatched.

Answer 18

Answer: C

Question 19

Which of the following AWS services can be used to serve large amounts of online video content with the
lowest possible latency? (Select TWO.)
A. appGateway
B. Amazon S3
C. Amazon Elastic File System (EFS)
D. Amazon Glacier
E. Amazom CloudFront

Answer 19

Answer: B E
Explanation:
https://aws.amazon.com/pt/blogs/networking-and-content-delivery/amazon-s3-amazon-cloudfront-a-match
-mad

Question 20

Which AWS services are defined as global instead of regional? (Select TWO.)
A. Amazon Route 53
B. Amazon EC2
C. Amazon S3
D. Amazon CloudFront
E. Amazon DynamoDB

Answer 20

Answer: A D

Question 21

What is the AWS customer responsible for according to the AWS shared responsibility model?
A. Physical access controls
B. Data encryption
C. Secure disposal of storage devices
D. Environmental risk management

Answer 21

Answer: B

Question 22

Which of the following is a correctrelationship between regions, Availability Zones, and edge locations?
A. Data centers contain regions.
B. Regions contain Availability Zones.
C. Availability Zones contain edge locations.
D. Edge locations contain regions.

Answer 22

Answer: B

Question 23

Which AWS services can host a Microsoft SQL Server database? (Select TWO.)
A. Amazon EC2
B. Amazon Relational Database Service (Amazon RDS)
C. Amazon Aurora
D. Amazon Redshift
E. Amazon S3

Answer 23

Answer: A B

Question 24

Where are AWS compliance documents, such as an SOC 1 report, located?
A. Amazon Inspector
B. AWS CloudTrail
C. AWS Artifact
D. AWS Certificate Manager

Answer 24

Answer: C

Question 25

The AWS Cloud’s multiple Regions are an example of:
A. agility.
B. globalinfrastructure.
C. elasticity.
D. pay-as-you-go pricing.

Answer 25

Answer: B
Explanation:
https://aws.amazon.com/blogs/apn/architecting-multi-region-saas-solutions-on-aws/

Question 26

What is Amazon CloudWatch?
A. A code repository with customizable build and team commit features.
B. A metrics repository with customizable notification thresholds and channels.
C. A security configuration repository with threat analytics.
D. A rule repository of a web application firewall with automated vulnerability prevention features.

Answer 26

Answer: B
Explanation:
Amazon CloudWatch is basically a metrics repository. An AWS service — such as Amazon EC2 — puts
metrics intothe repository, and you retrieve statistics based on those metrics. If you put your own custom
metrics into the repository, you can retrieve statistics on these metrics as well.

Question 27

Whichservices can be used across hybrid AWS Cloud architectures? (Select TWO.)
A. Amazon Route 53
B. Virtual Private Gateway
C. Classic Load Balancer
D. Auto Scaling
E. Amazon CloudWatch default metrics

Answer 27

Answer: A B
Explanation:
https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-clo
ud-w AWS released Amazon Route 53 Resolver for hybrid cloud in November 2018.This makes migration
to cloud and hybrid architectures easier by solving many DNS challenges.

Question 28

Which AWS characteristics make AWS cost effective for a workload with dynamic user demand? (Select
TWO.)
A. High availability
B. Shared security model
C. Elasticity
D. Pay-as-you-go pricing
E. Reliability

Answer 28

Answer: C D

Question 29

Which ofthe following are characteristics of Amazon S3? (Select TWO.)
A. A global file system
B. An object store
C. A local file store
D. A network file system
E. A durable storage system

Answer 29

Answer: B E
Explanation:
Build scalable, durable, and secure backup and restore solutions with Amazon S3 and other AWS services,
such as S3 Glacier, Amazon EFS, and Amazon EBS, to augment or replace existing on-premises
capabilities.https://aws.amazon.com/s3/

Question 30

Which of the following is a fast and reliable NoSQL database service?
A. Amazon Redshift
B. Amazon RDS
C. Amazon DynamoDB
D. Amazon S3

Answer 30

Answer: C

Question 31

A characteristic of edge locations is that they:
A. host Amazon EC2 instances closer to users.
B. help lower latency and improve performance for users.
C. cache frequently changing data without reaching the originserver.
D. refresh data changes daily.

Answer 31

Answer: C
Explanation:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html

Question 32

Which of the following inspects AWS environments to find opportunities that can save money for users and
also improve system performance?
A. AWS Cost Explorer
B. AWS Trusted Advisor
C. Consolidated billing
D. Detailed billing

Answer 32

Answer: B

Question 33

Which of the following is a benefit of using the AWS Cloud?
A. Permissive security removes the administrative burden.
B. Ability to focus on revenue-generating activities.
C. Control over cloud network hardware.
D. Choice ofspecific cloud hardware vendors.

Answer 33

Answer: A
Explanation:
Developer and IT staff productivity accounted for nearly 30% of overall financial benefits. The remaining
benefits were driven by the flexibility and agility of Amazon cloud infrastructure services, which makeit
easier to trial new business models, support revenue-generating applications, and provide more reliable
services to end users.

Question 34

Which of the following steps should be taken by a customer when conducting penetration testing on AWS?
A. Conduct penetration testing using Amazon Inspector, and then notify AWS support.
B. Request and wait for approval from the customer’s internal security team, and then conduct testing.
C. Notify AWS support, and thenconduct testing immediately.
D. Request and wait for approval from AWS support, and then conduct testing.

Answer 34

Answer: B
Explanation:
AWS customers are welcome to carry out security assessments or penetration tests against their AWS
infrastructure without prior approvalfor 8 services.

Question 35

Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Convertible Reserved Instances

Answer 35

Answer: C
Explanation:
In the new model, the Spot prices are more predictable, updated less frequently, and are determined by
supply and demand for Amazon EC2 spare capacity, not bid prices.

Question 36

What AWS team assists customers withaccelerating cloud adoption through paid engagements in any of
several specialty practice areas?
A. AWS Enterprise Support
B. AWS Solutions Architects
C. AWS Professional Services
D. AWS Account Managers

Answer 36

Answer: C
Explanation:
https://aws.amazon.com/professional-services/

Question 37

Which AWS service provides a customized view of the health of specific AWS services that power a
customer’s workloads running on AWS?
A. AWS Service Health Dashboard
B. AWS X-Ray
C. AWS Personal Health Dashboard
D. Amazon CloudWatch

Answer 37

Answer: C

Question 38

According to best practices, how should an application be designed to run in the AWS Cloud?
A. Use tighly coupled components.
B. Use loosely coupled components.
C. Use infrequently coupled components.
D. Use frequently coupled components.

Answer 38

Answer: B

Question 39

Which is a recommended pattern for designing a highly available architecture on AWS?
A. Ensure thatcomponents have low-latency network connectivity.
B. Run enough Amazon EC2 instances to operate at peak load.
C. Ensure that the application is designed to accommodate failure of any single component.
D. Use a monolithic application that handles alloperations.

Answer 39

Answer: C

Question 40

Which service should a customer use to consolidate and centrally manage multiple AWS accounts?
A. AWS IAM
B. AWS Organizations
C. AWS Schema Conversion Tool
D. AWS Config

Answer 40

Answer: B

Question 41

How many Availability Zones should compute resources be provisioned across to achieve high availability?
A. A minimum of one
B. A minimum of two
C. A minimum of three
D. A minimum of four or more

Answer 41

Answer: B

Question 42

Which Amazon EC2 instance pricing model can provide discounts of up to 90%?
A. ReservedInstances
B. On-Demand
C. Dedicated Hosts
D. Spot Instances

Answer 42

Answer: D

Question 43

Compared with costs in traditional and virtualized data centers, AWS has:
A. greater variable costs and greater upfront costs.
B. fixed usage costs and lower upfront costs.
C. lower variable costs and greater upfront costs.
D. lower variable costs and lower upfront costs.

Answer 43

Answer: D

Question 44

Which of the following Amazon EC2 pricing models allow customers to use existing server-bound software
licenses?
A. Spot Instances
B. Reserved Instances
C. Dedicated Hosts
D. On-Demand Instances

Answer 44

Answer: C

Question 45

Which AWS service should be used for long-term, low-cost storage of data backups?
A. Amazon RDS
B. Amazon Glacier
C. AWS Snowball
D. AWS EBS

Answer 45

Answer: B
Explanation:
Amazon S3 Glacier is a secure, durable, and low-cost storageclass of S3 for data archiving and long-term
backup. Customers can store large or small amounts of data for as little as $0.004 per gigabyte per month.
The S3 Glacier storage class is ideal for archives where data is regularly retrieved and some of the data
may be needed in minutes.
Amazon RDS is a relational database service that hosts databases. It helps you create and manage
databases. Amazon Snowball is a petabyte-scale data transfer service that provides cost efficient data
transfer to AWS from tamperproof physical devices. Similarly, Elastic block storage offers persistent block
storage volumes for EC2 instances.

Question 46

Which of the following are advantages of AWS consolidated billing?(Select TWO.)
A. The ability to receive one bill for multiple accounts
B. Service limits increasing by default in all accounts
C. A fixed discount on the monthly bill
D. Potential volume discounts, as usage in all accounts is combined
E. The automatic extension of the master account’s AWS support plan to all accounts

Answer 46

Answer: A D
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/support-consolidated-billing/

Question 47

The financial benefits of using AWS are: (Select TWO.)
A. reduced Total Cost of Ownership (TCO).
B. increased capital expenditure (capex).
C. reduced operational expenditure (opex).
D. deferred payment plans for startups.
E. business credit lines for stratups.

Answer 47

Answer: A D

Question 48

Where should a company go to search software listings from independent software vendors to find, test,
buy and deploy software that runs on AWS?
A. AWSMarketplace
B. Amazon Lumberyard
C. AWS Artifact
D. Amazon CloudSearch

Answer 48

Answer: A
Explanation:
AWS Marketplace is a digital catalog with thousands of software listings from independent software
vendors that make it easy to find, test, buy, and deploy software that runs on AWS.

Question 49

A company is migrating an application that is running non-interruptible workloads for athree-year time frame.
Which pricing construct would provide the MOST cost-effective solution?
A. Amazon EC2 Spot Instances
B. Amazon EC2 Dedicated Instances
C. Amazon EC2 On-Demand Instances
D. Amazon EC2 Reserved Instances

Answer 49

Answer: D

Question 50

If a customer needs to audit the change management of AWS resources, which of the followingAWS
services should the customer use?
A. AWS Config
B. AWS Trusted Advisor
C. Amazon CloudWatch
D. Amazon Inspector

Answer 50

Answer: A
Explanation:
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS
resources. Config continuously monitors and records your AWS resource configurations and allows you to
automate the evaluation of recorded configurations against desired configurations. With Config, you can
review changes in configurations and relationships between AWS resources, dive into detailed resource
configuration histories, and determine your overall compliance against the configurations specified in your
internal guidelines. This enables you to simplify compliance auditing, security analysis, change
management, and operational troubleshooting.

Question 51

Which servicestores objects, provides real-time access to those objects, and offers versioning and lifecycle
capabilities?
A. Amazon Glacier
B. AWS Storage Gateway
C. Amazon S3
D. Amazon EBS

Answer 51

Answer: C

Question 52

The use of what AWS feature or service allows companies to track and categorize spending on a detailed
level?
A. Cost allocation tags
B. Consolidated billing
C. AWS Budgets
D. AWS Marketplace

Answer 52

Answer: A
Explanation:https://docs.aws.amazon.com/it_it/marketplace/latest/buyerguide/cost-allocation-tagging-ami-marketplace.
html

Question 53

Which of the following Reserved Instance (RI) pricing models provides the highest average savings
compared to On-Demand pricing?
A. One-year, No Upfront, Standard RI pricing
B. One-year, All Upfront, Convertible RI pricing
C. Three-year, All Upfront, Standard RI pricing
D. Three-year, No Upfront, Convertible RI pricing

Answer 53

Answer: C

Question 54

What costs are included when comparing AWS Total Cost of Ownership (TCO) with on-premises TCO?
A. Project management
B. Antivirussoftware licensing
C. Data center security
D. Software development

Answer 54

Answer: C
Explanation:
https://media.amazonwebservices.com/AWS_TCO_Web_Applications.pdf

Question 55

Which of the following components of the AWS Global Infrastructure consists of one or more discrete data
centers interconnected through lowlatency links?
A. Availability Zone
B. Edge location
C. Region
D. Private networking

Answer 55

Answer: A

Question 56

Which of the following services will automatically scale with an expected increase in web traffic?
A. AWS CodePipeline
B. Elastic Load Balancing
C. Amazon EBS
D. AWS Direct Connect

Answer 56

Answer: B
Explanation:
Reference:https://aws.amazon.com/elasticloadbalancing/
Automatically scale your applications Elastic Load Balancing provides confidence that your applications will
scale to the demands of your customers. With the ability to trigger Auto Scaling for your Amazon
EC2instance fleet when latency of any one of your EC2 instances exceeds a preconfigured threshold, your
applications will always be ready to serve the next customer request
https://aws.amazon.com/ebs/

Question 57

Which statement best describes Elastic Load Balancing?
A. It translates a domain name into an IP address using DNS.
B. It distributes incoming application traffic across one or more Amazon EC2instances.
C. It collects metrics on connected Amazon EC2 instances.
D. It automatically adjusts the number of Amazon EC2 instances to support incoming traffic.

Answer 57

Answer: B

Question 58

Whatis the lowest-cost, durable storage option for retaining database backups for immediate retrieval?
A. Amazon S3
B. Amazon Glacier
C. Amazon EBS
D. Amazon EC2 Instance Store

Answer 58

Answer: A

Question 59

What is the benefit of using AWS managed services,such as Amazon ElastiCache and Amazon Relational
Database Service (Amazon RDS)?
A. They require the customer to monitor and replace failing instances.
B. They have better performance than customer-managed services.
C. They simplify patching and updatingunderlying OSs.
D. They do not require the customer to optimize instance type or size selections.

Answer 59

Answer: C

Question 60

A customer needs to run a MySQL database that easily scales. Which AWS service should they use?
A. Amazon Aurora
B. Amazon Redshift
C. Amazon DynamoDB
D. Amazon ElastiCache

Answer 60

Answer: A

Question 61

Which is the MINIMUM AWS Support plan that allows for one-hour target response time for support cases?
A. Enterprise
B. Business
C. Developer
D. Basic

Answer 61

Answer: B

Question 62

Which of the following can limit Amazon Storage Service (Amazon S3) bucket access to specific users?
A. A public and private key-pair
B. Amazon Inspector
C. AWS Identity and Access Management (IAM) policies
D. Security Groups

Answer 62

Answer: C

Question 63

What is an example of agility in the AWS Cloud?
A. Access to multiple instance types
B. Access to managed services
C. Using Consolidated Billing to produce one bill
D. Decreased acquisition time for newcompute resources

Answer 63

Answer: D

Question 64

Which AWSservice can be used to manually launch instances based on resource requirements?
A. Amazon EBS
B. Amazon S3
C. Amazon EC2
D. Amazon ECS

Answer 64

Answer: C

Question 65

Which of the following is a shared control between the customer and AWS?
A. Providing a key for Amazon S3 client-side encryption
B. Configuration of an Amazon EC2 instance
C. Environmental controls of physical AWS data centers
D. Awareness and training

Answer 65

Answer: D

Question 66

Which of the following security-related actions are available at no cost?
A. Calling AWS Support
B. Contacting AWS Professional Services to request a workshop
C. Accessing forums, blogs, and whitepapers
D. Attending AWS classes at a local university

Answer 66

Answer: C

Question 67

Which service allows a company with multiple AWS accountsto combine its usage to obtain volume
discounts?
A. AWS Server Migration Service
B. AWS Organizations
C. AWS Budgets
D. AWS Trusted Advisor

Answer 67

Answer: B
Explanation:
use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple
AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. Every organization in AWS
Organizations has a master account that pays the charges of all the member accounts.
Consolidated billing has the following benefits:

Question 68

Which AWS managed service is used to hostdatabases?
A. AWS Batch
B. AWS Artifact
C. AWS Data Pipeline
D. Amazon RDS

Answer 68

Answer: D
Explanation: Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a
relational database in the cloud. It provides cost-efficient and resizable capacity while automating
time-consuming administration tasks such as hardware provisioning, database setup, patching and
backups. It frees you to focus on your applications so you can give them the fast performance, high
availability, security and compatibility they need.

Question 69

What is one of theadvantages of the Amazon Relational Database Service (Amazon RDS)?
A. It simplifies relational database administration tasks.
B. It provides 99.99999999999% reliability and durability.
C. It automatically scales databases for loads.
D. It enabledusers to dynamically adjust CPU and RAM resources.

Answer 69

Answer: A
Explanation:
https://aws.amazon.com/rds/

Question 70

Which AWS service provides alerts when an AWS event may impact a company’s AWS resources?
A. AWS Personal Health Dashboard
B. AWS Service Health Dashboard
C. AWS Trusted Advisor
D. AWS Infrastructure Event Management

Answer 70

Answer: A
Explanation:
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing
events that may impact you. While the Service Health Dashboard displays the general status of AWS
services, Personal HealthDashboard gives you a personalized view into the performance and availability of
the AWS services underlying your AWS resources.

Question 71

Which of the following AWS Cloud services can be used to run a customer-managed relational database?
A. Amazon EC2
B. Amazon Route 53
C. Amazon ElastiCache
D. AmazonDynamoDB

Answer 71

Answer: A

Question 72

A customer is using multiple AWS accounts with separate billing.
How can the customer take advantage of volume discounts with minimal impact to the AWS resources?
A. Create one global AWS acount and move all AWS resources to tha account.
B. Sign up for three years of ReservedInstance pricing up front.
C. Use the consolidated billing feature from AWS Organizations.
D. Sign up for the AWS Enterprise support plan to get volume discounts.

Answer 72

Answer: C

Question 73

AWS supports which of the following methods to add security to Identity and Access Management (IAM)
users? (Select TWO.)
A. Implementing Amazon Rekognition
B. Using AWSShield-protected resources
C. Blocking access with Security Groups
D. Using Multi-Factor Authentication (MFA)
E. Enforcing password strength and expiration

Answer 73

Answer: D E

Question 74

Which AWS service provides the ability to manage infrastructure as code?
A. AWS CodePipeline
B. AWS CodeDeploy
C. AWS Direct Connect
D. AWS CloudFormation

Answer 74

Answer: D
Explanation:
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure
resources in your cloud environment. CloudFormation allows you to use a simple text file to model and
provision, in an automated and secure manner, all the resources needed for your applications across all
regions and accounts. This file serves as the single source of truth for your cloud environment.
https://containersonaws.com/introduction/infrastructure-as-code/

Question 75

Which service provides a virtually unlimited amount of online highly durable object storage?
A. Amazon Redshift
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon S3

Answer 75

Answer: D

Question 76

What approach to transcoding a large number of individual video files adheres to AWS architecture
principles?
A. Using many instances in parallel
B. Using a single large instance during off-peak hours
C. Using dedicated hardware
D. Using a large GPU instance type

Answer 76

Answer: A

Question 77

Under the shared responsibility model, which of the following is the customer responsible for?
A. Ensuring that disk drives are wiped after use.
B. Ensuring that firmware is updated on hardware devices.
C. Ensuring that data is encrypted at rest.
D. Ensuring that network cables are category six or higher.

Answer 77

Answer: C
Explanation:
AWS for a self-hosted database that requires a nightly shutdown for maintenance andcost-saving purposes

Question 78

For which auditing process does AWS have sole responsibility?
A. AWS IAM policies
B. Physical security
C. Amazon S3 bucket policies
D. AWS CloudTrail Logs

Answer 78

Answer: B

Question 79

Which of the following services could be used to deploy an application to servers running on-premises?
(Select TWO.)
A. AWS Elastic Beanstalk
B. AWS OpsWorks
C. AWS CodeDeploy
D. AWS Batch
E. AWS X-Ray

Answer 79

Answer: B C

Question 80

A company is looking for a scalable data warehouse solution.
Which of the following AWS solutions would meet the company’s needs?
A. Amazon Simple Storage Service (Amazon S3)
B. Amazon DynamoDB
C. AmazonKinesis
D. Amazon Redshift

Answer 80

Answer: D

Question 81

Which of the Reserved Instance (RI) pricing models can change the attributes of the RI as long as the
exchange results in the creation of RIs of equal or greater value?
A. Dedicated RIs
B. Scheduled RIs
C. Convertible RIs
D. Standard RIs

Answer 81

Answer: C

Question 82

Which of the following are categories of AWS Trusted Advisor? (Select TWO.)
A. Fault Tolerance
B. InstanceUsage
C. Infrastructure
D. Performance
E. Storage Capacity

Answer 82

Answer: A D
Explanation:
Like your customized cloud expert, AWS Trusted Advisor analyzes your AWS environment and provides
best practice recommendations in five categories: cost optimization,performance, security, fault tolerance
and service limits

Question 83

Under the AWS shared responsibility model, which of the following activities are the customer’s
responsibility? (Select TWO.)
A. Patching operating system components for Amazon Relational Database Server (Amazon RDS)
B. Encrypting data on the client-side
C. Training the data centerstaff
D. Configuring Network Access Control Lists (ACL)
E. Maintaining environmental controls within a data center

Answer 83

Answer: B D

Question 84

Under the shared responsibility model, which of the following is a shared control between a customer and
AWS?
A. Physical controls
B. Patch management
C. Zone security
D. Data center auditing

Answer 84

Answer: C
Explanation:
Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in
completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the
infrastructure and the customer must provide their own control implementation within their use of AWS
services. Examples include:

Question 85

Which of thefollowing is an advantage of consolidated billing on AWS?
A. Volume pricing qualification
B. Shared access permissions
C. Multiple bills per account
D. Eliminates the need for tagging

Answer 85

Answer: A
Explanation:
If you have multiple standalone accounts, yourcharges might decrease if you add the accounts to an
organization. AWS combines usage from all accounts in the organization to qualify you for volume pricing
discounts.

Question 86

Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based
AWS and on-premises servers?
A. Amazon S3
B. Amazon Glacier
C. Amazon EBS
D. Amazon EFS

Answer 86

Answer: D
Explanation:
Explanation:
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file
system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to
petabytes without disrupting applications, growing and shrinking automatically as you add and remove files,
eliminating the need to provision and manage capacity to accommodate growth.
Amazon EFS is designed to provide the throughput, IOPS, and low latency needed for Linux workloads.
Throughput and IOPS scale as a file system grows and can burst to higher throughput levels for short
periods of time to support the unpredictable performance needs of file workloads. For the most demanding
workloads, Amazon EFS can support performance over 10GB/sec and up to 500,000 IOPS.

Question 87

When architecting cloud applications, which of the following are a key design principle?
A. Use the largest instance possible
B. Provision capacity for peak load
C. Use the Scrum development process
D. Implement elasticity

Answer 87

Answer: D
Explanation:
https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf

Question 88

Which storage service can be used as a low-cost option for hosting static websites?
A. Amazon Glacier
B. Amazon DynamoDB
C. Amazon Elastic File System (Amazon EFS)
D. Amazon Simple Storage Service (Amazon S3)

Answer 88

Answer: D

Question 89

Distributingworkloads across multiple Availability Zones supports which cloud architecture design principle?
A. Implement automation.
B. Design for agility.
C. Design for failure.
D. Implement elasticity.

Answer 89

Answer: C
Explanation:
https://www.slideshare.net/AmazonWebServices/best-practices-for-architecting-in-the-cloud-jeff-barr/10-D
esig Application Deployment and Data replication”

Question 90

Which of the following AWS features enables a user to launch a pre-configured Amazon Elastic Compute
Cloud (Amazon EC2) instance?
A. Amazon Elastic Block Store (Amazon EBS)
B. Amazon Machine Image
C. Amazon EC2Systems Manager
D. Amazon AppStream 2.0

Answer 90

Answer: B
Explanation:
To use Amazon EC2, you simply:

Question 91

Which AWS service allows companies to connect an Amazon VPC to anon-premises data center?
A. AWS VPN
B. Amazon Redshift
C. API Gateway
D. Amazon Direct Connect

Answer 91

Answer: D
Explanation:
AWS Direct Connect enables you to securely connect your AWS environment to your on-premises data
center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection. AWS Direct
Connect offers dedicated high speed, low latency connection, which bypasses internet service providers in
your network path. An AWS Direct Connect location provides access to Amazon Web Services in the
region it is associated with, as well as access to other US regions. AWS Direct Connect allows you to
logically partition the fiber-optic connections into multiple logical connections called Virtual Local Area
Networks (VLAN). You can take advantageof these logical connections to improve security, differentiate
traffic, and achieve compliance requirements.

Question 92

Which of the following are valid ways for a customer to interactwith AWS services? (Select TWO.)
A. Command line interface
B. On-premises
C. Software Development Kits
D. Software-as-a-service
E. Hybrid

Answer 92

Answer: A C

Question 93

Which design principles for cloud architecture are recommended when re-architecting a large monolithic
application? (Select TWO.)
A. Use manual monitoring.
B. Use fixed servers.
C. Implement loose coupling.
D. Rely on individual components.
E. Design for scalability.

Answer 93

Answer: C E
Explanation:
https://www.architech.ca/re-architect-applications/

Question 94

Which of the following is the customer’s responsibility under the AWS shared responsibility model?
A. Patching underlying infrastructure
B. Physical security
C. Patching Amazon EC2 instances
D. Patching network infrastructure

Answer 94

Answer: C

Question 95

How would an AWS customer easily apply common access controls to a large set of users?
A. Apply an IAM policy to an IAM group.
B. Apply an IAM policyto an IAM role.
C. Apply the same IAM policy to all IAM users with access to the same workload.
D. Apply an IAM policy to an Amazon Cognito user pool.

Answer 95

Answer: A
Explanation:
Instead of defining permissions for individual IAM users, it’s usually more convenient to create groups that
relate to job functions (administrators, developers, accounting, etc.). Next, define the relevant permissions
for each group. Finally, assign IAM users to those groups. All the users in an IAM group inherit the
permissions assigned to thegroup. That way, you can make changes for everyone in a group in just one
place. As people move around in your company, you can simply change what IAM group their IAM user belongs to.

Question 96

A company is considering using AWS for a self-hosted database that requires a nightly shutdown for
maintenance and cost-saving purposes.
Which service should the company use?
A. Amazon Redshift
B. Amazon DynamoDB
C. Amazon Elastic Compute Cloud (Amazon EC2) with Amazon EC2 instance store
D. Amazon EC2 with Amazon Elastic Block Store (Amazon EBS)

Answer 96

Answer: D

Question 97

Which AWS IAM feature allows developers toaccess AWS services through the AWS CLI?
A. API keys
B. Access keys
C. User names/Passwords
D. SSH keys

Answer 97

Answer: B
Explanation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
Access keys are long-term credentials for an IAM user or the AWS account rootuser. You can use access
keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK)

Question 98

Which feature of the AWSCloud will support an international company’s requirement for low latency to all of
its customers?
A. Fault tolerance
B. Global reach
C. Pay-as-you-go pricing
D. High availability

Answer 98

Answer: B
Explanation:
https://aws.amazon.com/blogs/startups/expanding-kloudlesss-global-reach-by-bridging-regions/

Question 99

A customer is deploying a new application and needs to choose an AWS Region. Which of the following
factors could influence the customer’s decision? (Select TWO.)
A. Reduced latency to users
B. The application’s presentation in the locallanguage
C. Data sovereignty compliance
D. Cooling costs in hotter climates
E. Proximity to the customer’s office for on-site visits

Answer 99

Answer: A C

Question 100

What technology enables compute capacity toadjust as loads change?
A. Load balancing
B. Automatic failover
C. Round robin
D. Auto Scaling

Answer 100

Answer: D
Explanation:
AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady,
predictable performance at the lowestpossible cost. Using AWS Auto Scaling, it’s easy to setup application
scaling for multiple resources across multiple services in minutes. The service provides a simple, powerful
user interface that lets you build scaling plans for resources including Amazon EC2 instances and Spot
Fleets, Amazon ECS tasks, Amazon DynamoDB tables and indexes, and Amazon Aurora Replicas. AWS
Auto Scaling makes scaling simple with recommendations that allow you to optimize performance, costs, or
balance between them. If you’realready using Amazon EC2 Auto Scaling to dynamically scale your Amazon EC2 instances, you can now combine it with AWS Auto Scaling to scale additional resources for
other AWS services. With AWS Auto Scaling, your applications always have the right resources at the right
time.